General
-
Target
Server.exe
-
Size
93KB
-
MD5
86b08818a8fc2b15328e3272c19814a1
-
SHA1
2f1e7ade2b788f296884584bdc2858b4360de612
-
SHA256
9eace90e5601ac5e67e64ff7b0198b94fb23a569572e0b8cbb90ec3939e7085a
-
SHA512
e3581e2383ee6cd14e33c6193e6229d657db1208a08cc2b568bf1bc5c77fcf108dada5b132744f24e8a4af136bb4eec27bb751362cfc746bb50bda2f218930f1
-
SSDEEP
768:6Y33UnD9O/pBcxYsbae6GIXb9pDX2t9zPL0OXLeuXxrjEtCdnl2pi1Rz4Rk3BsGe:1UxOx6baIa9ROj00ljEwzGi1dDRDQgS
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
HacKed
C2
hakim32.ddns.net:2000
wrny.ddns.net:4577
Mutex
69d084854e77aef540e61d58928e7891
Attributes
-
reg_key
69d084854e77aef540e61d58928e7891
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
Server.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections